Home Embedded Vulns General Vulns

ESV-Tracker

An AI-powered database that classifies embedded vulnerabilities separately from general-purpose ones.

No Dedicated Database Existed. Until Now.

Embedded system vulnerabilities are critical, yet buried alongside millions of general CVEs. ESV-Tracker changes that.

Your Embedded Threat Center.

Search the database, track embedded CVEs, and explore real-time statistics — all in one place.

513
New Embedded Vulns (7 Days)
9226
Active Critical ESVs
ibm
Top Target (30 Days)
6.95
Average ESV CVSS Score

Vulnerability Trends (Last 6 Months)

ESV Severity Distribution (90 Days)

Top Affected ESV Vendors (90 Days)

  • microsoft 36 Vulns
  • apache 29 Vulns
  • linux 28 Vulns
  • apple 16 Vulns
  • google 16 Vulns

Recent Critical ESVs

CVE-2026-11807 CRITICAL 9.6
CVE-2026-53753 CRITICAL 9.8
CVE-2026-54157 CRITICAL 9.0
CVE-2026-53662 CRITICAL 9.6
CVE-2026-55450 CRITICAL 9.3

Recently Added Vulnerabilities

CVE ID Description Severity Published Type
CVE-2020-6631 An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_m2ts_stream_proce… Medium (5.5) 2020-01-09 General Purpose
CVE-2020-6630 An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_isom_get_media_da… Medium (5.5) 2020-01-09 General Purpose
CVE-2020-6629 Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c. Medium (6.5) 2020-01-09 Environment Specific
CVE-2020-6628 Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. High (8.8) 2020-01-09 General Purpose
CVE-2020-5205 In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation atta… Medium (6.5) 2020-01-09 General Purpose